Uninstall email notification when a user removes the DNSFilter roaming client
marked this post as
Voters, after talking with customers on this issue it seemed the challenge was providing visibility into the uninstalling of the DNSFilter roaming client. To that extent, we have introduced the RC Uninstall Notification to help give that visibility - https://dnsfilter.canny.io/changelog/november-08-2022-app-release. We will be releasing the same RC Uninstall Notification capability for macOS later in November.
We know this may not address everyone's needs so I've created two new requests to track that:
- Prevent uninstall on Windows RC - https://dnsfilter.canny.io/feature-requests/p/prevent-dnsfilter-uninstall-on-windows-rc.
- Prevent uninstall on macOS RC - https://dnsfilter.canny.io/feature-requests/p/prevent-dnsfilter-uninstall-on-macos-rc
I'm going to update the title and close out this request. If you would like to discuss this request or any requests please feel free to reach out to me - https://calendly.com/sstaden-dnsfilter/30min.
Steve: this isn’t completed - sounds like you can’t protect an uninstall, but alert on an uninstall?
Steve: Perhaps you could Create a new request called "get notified when agent has been uninstalled" and mark that as complete! i just don't get it!
Steve: You changed the title and marked it as complete?? How twisted is that?
Aber: i hope it can still get untwisted !
Can we install the roaming agent with a which so it doesn't show up in the system tray and doesn't show up in ARP. That way the user doesn't have an easy way to uninstall. msiexec /qn /i ".... TRAYICON="disabled" ARPSYSTEMCOMPONENT=1"
Can you compile an uninstaller with a password that when entered just runs... wmic product where ""name like "%DNS Agent%" CALL UNINSTALL
Bill:Mikey Pruitt can we consider something like this.
Bill, yes you can use several command line switches during install already.
ARPSYSTEMCOMPONENT(as you mentioned), and
LOCALDOMAINS. View our help docs for more info.
I'm not familiar with suggestion #2. Would that just pop up a vanity fake password? I'll run this by our dev teams.
Hi Pandya, thanks for the feedback. It's difficult to prevent admin users on a device from performing admin level tasks like uninstalling software. It's been done but not without deep connections into the operating system which are potential security vulnerabilities.
There is already a request to password protect uninstall of the roaming client so I will merge your request there.
Thank you again for taking the time to provide your feedback.
While the below method is helpful this would only apply in a traditional AD environment. Nearly all security software and filtering tools have an uninstall password. Also, if it is a personal device you may want to allow the user to remove and provide the password but this is not easy if you do not add it into the control panel programs and features.
Hello voters, thanks for all the feedback so far on the topic of preventing removal of our software. To help a bit, we have a new article in our knowledge base outlining some methods that can be utilized to reduce the likelihood of removal. The section is titled "Preventing Circumvention in the Windows Roaming Client". We hope you find it helpful while we look further into a password option.
You can use ARPSYSTEMCOMPONENT=1 switch when doing an install and it will hide it from the Control Panel (appwiz.cpl) and I think there is also another switch for hiding the DNS Filter tray icon as well.
marked this post as
We are reviewing what is possible to implement an uninstall password. The only solutions we've seen that prevent device administrator accounts from uninstalling involve kernal hacking.
There is a solution already if you are using Active Directory and our Windows Roaming Client using group policies. We are creating documentation to assist with this setup now.
Mikey @DNSFilter: I would think there would be a way as every Anti-virus I have every managed has this ability. Of course there are always ways around it.
Joe Jones: Yes, Anti-virus software is what we've been researching. Thanks for posting. We will continue to update you on what we learn.
Mikey @DNSFilter: i do not have AD on this network as i have a mix of operating systems
Mikey @DNSFilter: Any update on this
Faisal: No solid updates yet but we are still investigating.